xᴏʀᴋɪᴡɪ 

@xorkiwi

Security Research 🛡🔑 | Reverse Engineering ⏮🔍| Malware Stuff ☣🕷 | Passionate InfoSec Player🖱 | Living in 🇨🇭

fs:[0]
Vrijeme pridruživanja: listopad 2017.
Rođen/a 31. ožujka 2000.

Tweetovi

Blokirali ste korisnika/cu @xorkiwi

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @xorkiwi

  1. Prikvačeni tweet
    12. lis 2019.

    With another wonderful rendition of ECSC is coming to an end. Already hyped for seeing you again next year 😁🔜

    Poništi
  2. proslijedio/la je Tweet
    1. velj

    I was tired of outdated XSS cheat sheets that don't touch on frameworks, html5, filter bypasses and other important stuff, so I made my own. I hope you find it as useful as I do. :)

    Poništi
  3. proslijedio/la je Tweet
    prije 3 sata

    someone claims to have "cracked" RSA, should I tell him that Time AI already did?

    Poništi
  4. proslijedio/la je Tweet
    prije 5 sati

    I hope that nobody uses it as a defensive measure... 😱

    Poništi
  5. prije 5 sati
    Poništi
  6. proslijedio/la je Tweet
    prije 21 sat

    Need a Reference Architecture? Check out this one showing how technology enables this strategy/access model. Slide 14 of CISO Workshop Module 3

    Poništi
  7. proslijedio/la je Tweet
    prije 23 sata

    [COM hijacking] While I was looking for some methods related to the COM hijacking technique, I found a new method that allows you to hijack COM and execute Scriptlet instructions :) Registry import file:

    Poništi
  8. proslijedio/la je Tweet
    1. velj

    Here is my massive lib db (for ctfs/wargames/blind pwns etc.). It consists of thousands of libs across over a dozen Linux distributions and architectures spanning the last 20 years. It indexes symbols & gadgets (including one gadgets AKA magic gadgets).

    Poništi
  9. proslijedio/la je Tweet
    2. velj

    Can your EDR detect symbolic link callback rootkits? Because ours sure as heck can't. and I wrote about these!

    Poništi
  10. proslijedio/la je Tweet
    prije 23 sata

    VSCode x * VSCode based GUI * Interactive terminal * Remote file browser (Yes!) * Open source Not on market yet. But you can built it from the source:

    Prikaži ovu nit
    Poništi
  11. proslijedio/la je Tweet
    1. velj

    Attention CTF players (and organizers, CTFd v2.0.0 - v2.2.2 has a serious vulnerability (CVE-2020-7245) in which an attacker could perform account takeover using a leading-trailing on the Registration form. It has been fixed in v2.2.3. Make sure to update!

    Prikaži ovu nit
    Poništi
  12. proslijedio/la je Tweet
    prije 23 sata

    Don't know why but I like super consist write-ups like these. Easy to follow and remember.

    Poništi
  13. proslijedio/la je Tweet
    Odgovor korisnicima

    I don't mean to be mean, but it's pointing guns at people RIGHT now through police dispatch systems. The "wait till it has a gun" language is harmful silicon valley futurism because IT HAS A GUN RIGHT NOW

    Poništi
  14. proslijedio/la je Tweet
    1. velj
    Poništi
  15. proslijedio/la je Tweet
    1. velj

    Hey - Your product is shit and your company is shit. Not only is what you’re trying to do hurting society, but your delivery of it is completely worthless. Analyze this: 🖕

    Prikaži ovu nit
    Poništi
  16. proslijedio/la je Tweet
    1. velj

    With all it's deficiencies and it's untimely death, BinNavi did have the prettiest and most satisfying code-as-graph UI. Neither IDA nor Ghidras graphs are very usable, and I miss Navi's UI every time I read assembly.

    Poništi
  17. proslijedio/la je Tweet
    1. velj

    For anyone wondering, yes it’s written in C# and yes I will be totally adding it as a SILENTTRINITY module if I can get the source code (a few changes need to be made in order for it to run in memory).

    Prikaži ovu nit
    Poništi
  18. proslijedio/la je Tweet
    31. sij

    Why do we call senior practitioners “senior” instead of “hardened”?

    Poništi
  19. proslijedio/la je Tweet
    30. sij

    HWASAN (think of it as ASAN v2) has become available to developers on Android outside of Google. If you use C or C++ on Android, please give it a try. HWASAN is also available on Aarch64 Linux with a recent kernel.

    Poništi
  20. 31. sij

    This callgraph scares you? All those branches must be super hard to reverse-engineer? Then don't miss my talk where you are going to learn how to easily solve crackmes like this using

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·